From e52d07018dd26c91efa5d45c8b4543ed14edc9cd Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Wed, 4 Jan 2006 12:12:09 +0000
Subject: Ignore the bad-word 'BAD' within email addresses.

---
 logcheck/violations.ignore.d/postfix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'logcheck/violations.ignore.d/postfix')

diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix
index cf2e000..fa6f2da 100644
--- a/logcheck/violations.ignore.d/postfix
+++ b/logcheck/violations.ignore.d/postfix
@@ -35,5 +35,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning:( smtpd_peer_init:)? [\.0-9]+: hostname [^[:space:]]+ verification failed: (Name or service not known|Temporary failure in name resolution)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [^[:space:]]+: reject: (DATA|RCPT) from [^[:space:]]+\[[\.0-9]+\]: [45][0-9]{2}( [^;]+;){1,3} from=<[^>]*>( to=<[^>]*>)? proto=E?SMTP( helo=<[^>]*>)?$
 # Suspicious words within email addresses are ok
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]:.* (from|helo|message\-id|to)=<[^>[:space:]]*(attack|debug|deny|error|expn|refused)[^>[:space:]]*>.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|debug|deny|error|expn|refused)[^[:space:]]* has a valid A record$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]:.* (from|helo|message\-id|to)=<[^>[:space:]]*(attack|BAD|debug|deny|error|expn|refused)[^>[:space:]]*>.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|BAD|debug|deny|error|expn|refused)[^[:space:]]* has a valid A record$
-- 
cgit v1.2.3